Changed permission for adding users to an existing project from "administration" to "project edit"

Implemented HTML Purifier filter for all user input. This will give us STRONG protection against all kinds of XSS attacks, while preserving rich formating options. It will also enhance well formedness.

Implemented some Content-Security-Protection header options. No framing,only load css from same origin, only load .js files from same origin, only load images from same origin

Remove force-compile option from template engine. This disabled caching and caused performance problems for some users.

Add compileAllConfig() to force a recompile of the config files in certain cases.